Benschubert.Infrastructure

Description

A collection to deploy all the infrastructure services that are part of my Homelab.

The main entry point for the collection is benschubert.infrastructure.main which puts all the other roles together in a singular, consistent deployment. It will ensure that all the roles are called in a consistent manner and in the right order.

The following services can be configured with this collection:

• Traefik, using the ingress role, which acts as a reverse proxy and connects all the services to the outside world.

• Authentik, using the auth role, which provides an authentication service to allow SSO to be used for the various services.

• Grafana, using the monitoring role, which allows building dashboard to monitor the Homelab and more.

• Mimir, using the monitoring role, which allows ingesting and storing metrics and alerts.

• Loki, using the monitoring role, which allows ingesting and storing logs, and connects to Mimir for alerts.

• Grafana Alloy, using the monitoring role, which allows collecting metrics and logs

This collection globally expects that podman is already configured on the host, and that the user running the role has enough user namespaces available to isolate every pod.

This role also provide some testing utilities to help with setting up the infrastructure:

• Mailpit, using the mailpit_test_gateway, which allows validating that messages can be sent correctly

Author:

• Benjamin Schubert <contact@benschubert.me>

Supported ansible-core versions:

• 2.15.0 or newer

• older than 2.19.0

• Issue Tracker
• Repository (Sources)

Role Index

These are the roles in the benschubert.infrastructure collection:

• benschubert.infrastructure.auth – Setup an authentication server in podman, using Authentik

• benschubert.infrastructure.ingress – Setup a reverse proxy using podman to expose services using Traefik

• benschubert.infrastructure.mailpit_test_gateway – Setup a Mailpit STMP gateway

• benschubert.infrastructure.main – Configure a suite of basic infrastructure services in podman to serve as a foundation for a Homelab.

• benschubert.infrastructure.monitoring – Configure all services required to monitor services and systems.

• benschubert.infrastructure.postgres – Configure a PostgreSQL instance using podman

• benschubert.infrastructure.redis – Configure a Redis instance using podman

Plugin Index

These are the plugins in the benschubert.infrastructure collection:

Modules

• benschubert.infrastructure.authentik_application – Allows administration of Authentik applications

• benschubert.infrastructure.authentik_application_icon_url – Allows configuring application icons from the Authentik API

• benschubert.infrastructure.authentik_certificate_info – Allows retrieving information about certificates from the Authentik API

• benschubert.infrastructure.authentik_flow_info – Allows retrieving information about flows from the Authentik API

• benschubert.infrastructure.authentik_group – Allows administration of Authentik groups

• benschubert.infrastructure.authentik_group_info – Allows retrieving information about groups from the Authentik API

• benschubert.infrastructure.authentik_outpost – Allows administration of Authentik outposts

• benschubert.infrastructure.authentik_outpost_provider – Allows connecting Authentik providers to outposts

• benschubert.infrastructure.authentik_policy_binding – Allow administration of policy bindings in Authentik

• benschubert.infrastructure.authentik_propertymappings_scope – Allows administration of Authentik scope propertymappings

• benschubert.infrastructure.authentik_propertymappings_scope_info – Allows retrieving information about OAuth2 scopes from the Authentik API

• benschubert.infrastructure.authentik_provider_info – Allows retrieving information about providers from the Authentik API

• benschubert.infrastructure.authentik_provider_oauth2 – Allows administration of Authentik OAuth2 providers

• benschubert.infrastructure.authentik_provider_proxy – Allows administration of Authentik proxy providers

• benschubert.infrastructure.authentik_token – Allows administration of Authentik tokens

• benschubert.infrastructure.authentik_token_value – Allows retrieving the value of the provided token

• benschubert.infrastructure.authentik_user – Allows administration of Authentik users

• benschubert.infrastructure.authentik_user_group – Allows adding or removing users to groups in Authentik

• benschubert.infrastructure.authentik_user_info – Allows retrieving information about users from the Authentik API

• benschubert.infrastructure.github_content – Get the content of a file or directory on GitHub